Example 21 with KeyManagerDTO
use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO in project carbon-apimgt by wso2.
the class APIProviderImpl method updateSharedScope.
/**
* Update a shared scope.
*
* @param sharedScope Shared Scope
* @param tenantDomain tenant domain
* @throws APIManagementException If failed to update
*/
@Override
public void updateSharedScope(Scope sharedScope, String tenantDomain) throws APIManagementException {
int tenantId = APIUtil.getTenantIdFromTenantDomain(tenantDomain);
Map<String, KeyManagerDto> tenantKeyManagers = KeyManagerHolder.getTenantKeyManagers(tenantDomain);
for (Map.Entry<String, KeyManagerDto> keyManagerEntry : tenantKeyManagers.entrySet()) {
KeyManager keyManager = keyManagerEntry.getValue().getKeyManager();
if (keyManager != null) {
try {
keyManager.updateScope(sharedScope);
} catch (APIManagementException e) {
log.error("Error while Updating Shared Scope " + sharedScope.getKey() + " from Key Manager " + keyManagerEntry.getKey(), e);
}
}
}
updateScope(sharedScope, tenantId);
}
Also used :
APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException)
KeyManagerDto(org.wso2.carbon.apimgt.impl.dto.KeyManagerDto)
Map(java.util.Map)
TreeMap(java.util.TreeMap)
ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)
HashMap(java.util.HashMap)
KeyManager(org.wso2.carbon.apimgt.api.model.KeyManager)
Example 22 with KeyManagerDTO
use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO in project carbon-apimgt by wso2.
the class APIProviderImpl method addLocalScopes.
/**
* Add local scopes for the API if the scopes does not exist as shared scopes. The local scopes to add will be
* take from the URI templates.
*
* @param apiName API name
* @param uriTemplates URI Templates
* @param organization Organization
* @throws APIManagementException if fails to add local scopes for the API
*/
private void addLocalScopes(String apiName, Set<URITemplate> uriTemplates, String organization) throws APIManagementException {
int tenantId = APIUtil.getInternalOrganizationId(organization);
String tenantDomain = APIUtil.getTenantDomainFromTenantId(tenantId);
Map<String, KeyManagerDto> tenantKeyManagers = KeyManagerHolder.getTenantKeyManagers(tenantDomain);
// Get the local scopes set to register for the API from URI templates
Set<Scope> scopesToRegister = getScopesToRegisterFromURITemplates(apiName, organization, uriTemplates);
// Register scopes
for (Scope scope : scopesToRegister) {
for (Map.Entry<String, KeyManagerDto> keyManagerDtoEntry : tenantKeyManagers.entrySet()) {
KeyManager keyManager = keyManagerDtoEntry.getValue().getKeyManager();
if (keyManager != null) {
String scopeKey = scope.getKey();
try {
// version.
if (!keyManager.isScopeExists(scopeKey)) {
// register scope in KM
keyManager.registerScope(scope);
} else {
if (log.isDebugEnabled()) {
log.debug("Scope: " + scopeKey + " already registered in KM. Skipping registering scope.");
}
}
} catch (APIManagementException e) {
log.error("Error while registering Scope " + scopeKey + "in Key Manager " + keyManagerDtoEntry.getKey(), e);
}
}
}
}
addScopes(scopesToRegister, tenantId);
}
Also used :
Scope(org.wso2.carbon.apimgt.api.model.Scope)
APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException)
KeyManagerDto(org.wso2.carbon.apimgt.impl.dto.KeyManagerDto)
Map(java.util.Map)
TreeMap(java.util.TreeMap)
ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)
HashMap(java.util.HashMap)
KeyManager(org.wso2.carbon.apimgt.api.model.KeyManager)
Example 23 with KeyManagerDTO
use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO in project carbon-apimgt by wso2.
the class APIAdminImpl method mergeIdpWithKeyManagerConfiguration.
private void mergeIdpWithKeyManagerConfiguration(IdentityProvider identityProvider, KeyManagerConfigurationDTO keyManagerDTO) {
keyManagerDTO.setDisplayName(identityProvider.getDisplayName());
keyManagerDTO.setDescription(identityProvider.getIdentityProviderDescription());
IdentityProviderProperty[] identityProviderProperties = identityProvider.getIdpProperties();
if (identityProviderProperties.length > 0) {
for (IdentityProviderProperty identityProviderProperty : identityProviderProperties) {
if (StringUtils.equals(identityProviderProperty.getName(), APIConstants.JWKS_URI)) {
keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_JWKS_ENDPOINT);
keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE, identityProviderProperty.getValue());
}
if (StringUtils.equals(identityProviderProperty.getName(), IdentityApplicationConstants.IDP_ISSUER_NAME)) {
keyManagerDTO.addProperty(APIConstants.KeyManager.ISSUER, identityProviderProperty.getValue());
}
}
} else if (StringUtils.isNotBlank(identityProvider.getCertificate())) {
keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_PEM_FILE);
keyManagerDTO.addProperty(APIConstants.KeyManager.CERTIFICATE_VALUE, identityProvider.getCertificate());
}
keyManagerDTO.setEnabled(identityProvider.isEnable());
keyManagerDTO.setAlias(identityProvider.getAlias());
ClaimConfig claimConfig = identityProvider.getClaimConfig();
JsonArray claimArray = new JsonArray();
for (ClaimMapping claimMapping : claimConfig.getClaimMappings()) {
JsonObject claimMappingEntryDTO = new JsonObject();
claimMappingEntryDTO.addProperty("localClaim", claimMapping.getLocalClaim().getClaimUri());
claimMappingEntryDTO.addProperty("remoteClaim", claimMapping.getRemoteClaim().getClaimUri());
claimArray.add(claimMappingEntryDTO);
}
keyManagerDTO.addProperty(APIConstants.KeyManager.CLAIM_MAPPING, claimArray);
}
Also used :
JsonArray(com.google.gson.JsonArray)
ClaimMapping(org.wso2.carbon.identity.application.common.model.ClaimMapping)
IdentityProviderProperty(org.wso2.carbon.identity.application.common.model.IdentityProviderProperty)
ClaimConfig(org.wso2.carbon.identity.application.common.model.ClaimConfig)
JsonObject(com.google.gson.JsonObject)
Example 24 with KeyManagerDTO
use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO in project carbon-apimgt by wso2.
the class KeyManagerMappingUtil method toKeyManagerConfigurationDTO.
public static KeyManagerConfigurationDTO toKeyManagerConfigurationDTO(String tenantDomain, KeyManagerDTO keyManagerDTO) {
KeyManagerConfigurationDTO keyManagerConfigurationDTO = new KeyManagerConfigurationDTO();
Map<String, String> endpoints = new HashMap<>();
keyManagerConfigurationDTO.setName(keyManagerDTO.getName());
keyManagerConfigurationDTO.setDisplayName(keyManagerDTO.getDisplayName());
keyManagerConfigurationDTO.setDescription(keyManagerDTO.getDescription());
keyManagerConfigurationDTO.setEnabled(keyManagerDTO.isEnabled());
keyManagerConfigurationDTO.setType(keyManagerDTO.getType());
keyManagerConfigurationDTO.setOrganization(tenantDomain);
keyManagerConfigurationDTO.setTokenType(keyManagerDTO.getTokenType().toString());
keyManagerConfigurationDTO.setAlias(keyManagerDTO.getAlias());
Map<String, Object> additionalProperties = new HashMap();
if (keyManagerDTO.getAdditionalProperties() != null && keyManagerDTO.getAdditionalProperties() instanceof Map) {
additionalProperties.putAll((Map) keyManagerDTO.getAdditionalProperties());
}
if (StringUtils.isNotEmpty(keyManagerDTO.getClientRegistrationEndpoint())) {
additionalProperties.put(APIConstants.KeyManager.CLIENT_REGISTRATION_ENDPOINT, keyManagerDTO.getClientRegistrationEndpoint());
endpoints.put(APIConstants.KeyManager.CLIENT_REGISTRATION_ENDPOINT, keyManagerDTO.getClientRegistrationEndpoint());
}
if (StringUtils.isNotEmpty(keyManagerDTO.getIntrospectionEndpoint())) {
additionalProperties.put(APIConstants.KeyManager.INTROSPECTION_ENDPOINT, keyManagerDTO.getIntrospectionEndpoint());
endpoints.put(APIConstants.KeyManager.INTROSPECTION_ENDPOINT, keyManagerDTO.getIntrospectionEndpoint());
}
if (StringUtils.isNotEmpty(keyManagerDTO.getTokenEndpoint())) {
additionalProperties.put(APIConstants.KeyManager.TOKEN_ENDPOINT, keyManagerDTO.getTokenEndpoint());
endpoints.put(APIConstants.KeyManager.TOKEN_ENDPOINT, keyManagerDTO.getTokenEndpoint());
}
if (StringUtils.isNotEmpty(keyManagerDTO.getDisplayTokenEndpoint())) {
additionalProperties.put(APIConstants.KeyManager.DISPLAY_TOKEN_ENDPOINT, keyManagerDTO.getDisplayTokenEndpoint());
endpoints.put(APIConstants.KeyManager.DISPLAY_TOKEN_ENDPOINT, keyManagerDTO.getDisplayTokenEndpoint());
}
if (StringUtils.isNotEmpty(keyManagerDTO.getRevokeEndpoint())) {
additionalProperties.put(APIConstants.KeyManager.REVOKE_ENDPOINT, keyManagerDTO.getRevokeEndpoint());
endpoints.put(APIConstants.KeyManager.REVOKE_ENDPOINT, keyManagerDTO.getRevokeEndpoint());
}
if (StringUtils.isNotEmpty(keyManagerDTO.getDisplayRevokeEndpoint())) {
additionalProperties.put(APIConstants.KeyManager.DISPLAY_REVOKE_ENDPOINT, keyManagerDTO.getDisplayRevokeEndpoint());
endpoints.put(APIConstants.KeyManager.DISPLAY_REVOKE_ENDPOINT, keyManagerDTO.getDisplayRevokeEndpoint());
}
if (StringUtils.isNotEmpty(keyManagerDTO.getScopeManagementEndpoint())) {
additionalProperties.put(APIConstants.KeyManager.SCOPE_MANAGEMENT_ENDPOINT, keyManagerDTO.getScopeManagementEndpoint());
endpoints.put(APIConstants.KeyManager.SCOPE_MANAGEMENT_ENDPOINT, keyManagerDTO.getScopeManagementEndpoint());
}
if (keyManagerDTO.getAvailableGrantTypes() != null) {
additionalProperties.put(APIConstants.KeyManager.AVAILABLE_GRANT_TYPE, keyManagerDTO.getAvailableGrantTypes());
}
if (StringUtils.isNotEmpty(keyManagerDTO.getIssuer())) {
additionalProperties.put(APIConstants.KeyManager.ISSUER, keyManagerDTO.getIssuer());
}
if (keyManagerDTO.getCertificates() != null) {
additionalProperties.put(APIConstants.KeyManager.CERTIFICATE_VALUE, keyManagerDTO.getCertificates().getValue());
if (KeyManagerCertificatesDTO.TypeEnum.JWKS.equals(keyManagerDTO.getCertificates().getType())) {
additionalProperties.put(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_JWKS_ENDPOINT);
} else if (KeyManagerCertificatesDTO.TypeEnum.PEM.equals(keyManagerDTO.getCertificates().getType())) {
additionalProperties.put(APIConstants.KeyManager.CERTIFICATE_TYPE, APIConstants.KeyManager.CERTIFICATE_TYPE_PEM_FILE);
}
}
if (StringUtils.isNotEmpty(keyManagerDTO.getUserInfoEndpoint())) {
additionalProperties.put(APIConstants.KeyManager.USERINFO_ENDPOINT, keyManagerDTO.getUserInfoEndpoint());
endpoints.put(APIConstants.KeyManager.USERINFO_ENDPOINT, keyManagerDTO.getUserInfoEndpoint());
}
if (StringUtils.isNotEmpty(keyManagerDTO.getAuthorizeEndpoint())) {
additionalProperties.put(APIConstants.KeyManager.AUTHORIZE_ENDPOINT, keyManagerDTO.getAuthorizeEndpoint());
endpoints.put(APIConstants.KeyManager.AUTHORIZE_ENDPOINT, keyManagerDTO.getAuthorizeEndpoint());
}
if (StringUtils.isNotEmpty(keyManagerDTO.getWellKnownEndpoint())) {
additionalProperties.put(APIConstants.KeyManager.WELL_KNOWN_ENDPOINT, keyManagerDTO.getWellKnownEndpoint());
}
if (keyManagerDTO.getEndpoints() != null) {
for (KeyManagerEndpointDTO endpoint : keyManagerDTO.getEndpoints()) {
endpoints.put(endpoint.getName(), endpoint.getValue());
}
}
keyManagerConfigurationDTO.setEndpoints(endpoints);
additionalProperties.put(APIConstants.KeyManager.ENABLE_OAUTH_APP_CREATION, keyManagerDTO.isEnableOAuthAppCreation());
additionalProperties.put(APIConstants.KeyManager.ENABLE_MAP_OAUTH_CONSUMER_APPS, keyManagerDTO.isEnableMapOAuthConsumerApps());
additionalProperties.put(APIConstants.KeyManager.ENABLE_TOKEN_GENERATION, keyManagerDTO.isEnableTokenGeneration());
additionalProperties.put(APIConstants.KeyManager.ENABLE_TOKEN_HASH, keyManagerDTO.isEnableTokenHashing());
additionalProperties.put(APIConstants.KeyManager.ENABLE_TOKEN_ENCRYPTION, keyManagerDTO.isEnableTokenEncryption());
additionalProperties.put(APIConstants.KeyManager.SELF_VALIDATE_JWT, keyManagerDTO.isEnableSelfValidationJWT());
List<TokenValidationDTO> tokenValidationDTOList = keyManagerDTO.getTokenValidation();
if (tokenValidationDTOList != null && !tokenValidationDTOList.isEmpty()) {
additionalProperties.put(APIConstants.KeyManager.TOKEN_FORMAT_STRING, new Gson().toJson(tokenValidationDTOList));
}
List<ClaimMappingEntryDTO> claimMapping = keyManagerDTO.getClaimMapping();
if (claimMapping != null) {
additionalProperties.put(APIConstants.KeyManager.CLAIM_MAPPING, new Gson().toJsonTree(claimMapping));
}
if (StringUtils.isNotEmpty(keyManagerDTO.getConsumerKeyClaim())) {
additionalProperties.put(APIConstants.KeyManager.CONSUMER_KEY_CLAIM, keyManagerDTO.getConsumerKeyClaim());
}
if (StringUtils.isNotEmpty(keyManagerDTO.getScopesClaim())) {
additionalProperties.put(APIConstants.KeyManager.SCOPES_CLAIM, keyManagerDTO.getScopesClaim());
}
keyManagerConfigurationDTO.setAdditionalProperties(additionalProperties);
return keyManagerConfigurationDTO;
}
Also used :
KeyManagerConfigurationDTO(org.wso2.carbon.apimgt.api.dto.KeyManagerConfigurationDTO)
KeyManagerEndpointDTO(org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerEndpointDTO)
HashMap(java.util.HashMap)
TokenValidationDTO(org.wso2.carbon.apimgt.rest.api.admin.v1.dto.TokenValidationDTO)
Gson(com.google.gson.Gson)
ClaimMappingEntryDTO(org.wso2.carbon.apimgt.rest.api.admin.v1.dto.ClaimMappingEntryDTO)
JsonObject(com.google.gson.JsonObject)
HashMap(java.util.HashMap)
Map(java.util.Map)
Example 25 with KeyManagerDTO
use of org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO in project carbon-apimgt by wso2.
the class KeyManagersApiServiceImpl method keyManagersPost.
public Response keyManagersPost(KeyManagerDTO body, MessageContext messageContext) throws APIManagementException {
String organization = RestApiUtil.getOrganization(messageContext);
APIAdmin apiAdmin = new APIAdminImpl();
try {
KeyManagerConfigurationDTO keyManagerConfigurationDTO = KeyManagerMappingUtil.toKeyManagerConfigurationDTO(organization, body);
KeyManagerConfigurationDTO createdKeyManagerConfiguration = apiAdmin.addKeyManagerConfiguration(keyManagerConfigurationDTO);
APIUtil.logAuditMessage(APIConstants.AuditLogConstants.KEY_MANAGER, new Gson().toJson(keyManagerConfigurationDTO), APIConstants.AuditLogConstants.CREATED, RestApiCommonUtil.getLoggedInUsername());
URI location = new URI(RestApiConstants.KEY_MANAGERS + "/" + createdKeyManagerConfiguration.getUuid());
return Response.created(location).entity(KeyManagerMappingUtil.toKeyManagerDTO(createdKeyManagerConfiguration)).build();
} catch (URISyntaxException e) {
String error = "Error while Creating Key Manager configuration in organization " + organization;
throw new APIManagementException(error, e, ExceptionCodes.INTERNAL_ERROR);
}
}
Also used :
KeyManagerConfigurationDTO(org.wso2.carbon.apimgt.api.dto.KeyManagerConfigurationDTO)
APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException)
APIAdmin(org.wso2.carbon.apimgt.api.APIAdmin)
Gson(com.google.gson.Gson)
APIAdminImpl(org.wso2.carbon.apimgt.impl.APIAdminImpl)
URISyntaxException(java.net.URISyntaxException)
URI(java.net.URI)
Aggregations
KeyManagerDto (org.wso2.carbon.apimgt.impl.dto.KeyManagerDto)16
APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)15
HashMap (java.util.HashMap)13
Map (java.util.Map)13
KeyManager (org.wso2.carbon.apimgt.api.model.KeyManager)13
TreeMap (java.util.TreeMap)10
ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)9
KeyManagerConfigurationDTO (org.wso2.carbon.apimgt.api.dto.KeyManagerConfigurationDTO)5
Gson (com.google.gson.Gson)4
APIAdmin (org.wso2.carbon.apimgt.api.APIAdmin)4
APIAdminImpl (org.wso2.carbon.apimgt.impl.APIAdminImpl)4
JsonObject (com.google.gson.JsonObject)3
ArrayList (java.util.ArrayList)3
APIIdentifier (org.wso2.carbon.apimgt.api.model.APIIdentifier)3
Scope (org.wso2.carbon.apimgt.api.model.Scope)3
URITemplate (org.wso2.carbon.apimgt.api.model.URITemplate)3
KeyManagerDTO (org.wso2.carbon.apimgt.rest.api.admin.v1.dto.KeyManagerDTO)3
JsonArray (com.google.gson.JsonArray)2
HashSet (java.util.HashSet)2
List (java.util.List)2
